TY - GEN
T1 - Liveness by invisible invariants
AU - Fang, Yi
AU - McMillan, Kenneth L.
AU - Pnueli, Amir
AU - Zuck, Lenore D.
PY - 2006
Y1 - 2006
N2 - The method of Invisible Invariants was developed in order to verify safety properties of parametrized systems in a fully automatic manner. In this paper, we apply the method of invisible invariant to "bounded response" properties, i.e., liveness properties of the type p q that are bounded - once a p-state is reached, it takes a bounded number of rounds (where a round is a sequence of steps in which each process has been given a chance to proceed) to reach a q-state - thus, they are essentially safety properties. With a "liveness monitor" that observes certain behavior of a system, establishing "bounded response" properties over the system is reduced to the verification of invariant properties. It is often the case that the inductive invariants for systems with "liveness monitors" contain assertions of a certain form that the original method of invisible invariant is not able to generate, nor to check inductiveness. To accommodate invariants of such forms, we extend the techniques used for invariant generation, as well as the small model theorem for validity check.
AB - The method of Invisible Invariants was developed in order to verify safety properties of parametrized systems in a fully automatic manner. In this paper, we apply the method of invisible invariant to "bounded response" properties, i.e., liveness properties of the type p q that are bounded - once a p-state is reached, it takes a bounded number of rounds (where a round is a sequence of steps in which each process has been given a chance to proceed) to reach a q-state - thus, they are essentially safety properties. With a "liveness monitor" that observes certain behavior of a system, establishing "bounded response" properties over the system is reduced to the verification of invariant properties. It is often the case that the inductive invariants for systems with "liveness monitors" contain assertions of a certain form that the original method of invisible invariant is not able to generate, nor to check inductiveness. To accommodate invariants of such forms, we extend the techniques used for invariant generation, as well as the small model theorem for validity check.
UR - http://www.scopus.com/inward/record.url?scp=33750567735&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33750567735&partnerID=8YFLogxK
U2 - 10.1007/11888116_26
DO - 10.1007/11888116_26
M3 - Conference contribution
AN - SCOPUS:33750567735
SN - 3540462198
SN - 9783540462194
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 356
EP - 371
BT - Formal Techniques for Networked and Distributed Systems - FORTE 2006 - 26th IFIP WG 6.1 International Conference, Proceedings
A2 - Najm, Elie
A2 - Pradat-Peyre, Jean-François
A2 - Donzeau-Gouge, Véronique Viguié
PB - Springer Verlag
T2 - 26th IFIP WG 6.1 International Conference
Y2 - 26 September 2006 through 29 September 2006
ER -